Jan 12-14 in Miami South Beach

Tickets 201 – 300 now on sale for $1,395

We have firmed up the last three speaking slots for Stage 2: Technical Deep Dives at S4x16. These are sessions and speakers we have been chasing, waiting for a firm commitment, and great additions to the agenda.

Medical Security – Billy Rios of Laconicly is going to “give a really technical talk on infusion pump teardown and analysis.” My guess is this will be like Ralph Langner’s Stuxnet Deep Dive in that everyone had heard about Stuxnet, but having the person who spent man months or years tearing an infusion pump apart explain it in technical detail will be fascinating. Billy will also be bringing infusion pumps down for attendees to play with in a lobby display.

Auto Security – Craig Smith of Open Garages and the author of Car Hacker’s Handbook will give an insider’s technical view of auto security. He works closely with the auto industry to identify and explain security issues and develop solutions. More details on his session will be up shortly, but he was our number one target to speak on auto security because of his understanding of both the technology and industry.

Mechanical Integrity – S4 alumnus Bryan Singer of Kenexis will present “Is it Possible to Assure Mechanical Integrity and Safety on Ethernet Connected Devices?” This is a follow-on session to last year’s “The Pragmatic Pwn of ICS”. OSHA 1910.119(j) requires that to achieve mechanical integrity, one must be able to control all of the inputs and outputs to a given device. The session will explore various considerations for combining traditional engineering devices such as Emergency Relief Valves and hardwired Machine Overspeed Protection devices. This is the case using cyber / physical for defense.

I attended and spoke at escar Asia (embedded security in cars) the last two days in Tokyo. Obviously the Miller/Valasek Jeep hack was referenced in almost every session and gave the event a sense of urgency.

There were some very positive developments in the auto community, including a number of programs, such as escrypt or JASPAR, to add authentication to the CAN protocol and projects to segment the car’s network to restrict communication between modules. This is a much faster response than seen in other sectors with the same problems. The issue is whether these projects will move from research / pilots to being deployed in new cars in 3 or 4 years.

I couldn’t get that Die Hard “Welcome to the party, pal” line out of my head over the two days as I heard the auto sector beginning to internalize the realities of the situation and deal with the challenges that other sectors have been trying to tackle for the past decade.

My presentation, see below, focused on facts and lessons learned from 15 years of ICS security in other sectors and how they compare to the present situation and recommended path for the auto sector.

A few items I found interesting:

There was literally no focus on the back end. The conference focused on the security in the car, but we know the big win would be to attack the back end where the vendor or service provider has a server authorized to communicate with a fleet of vehicles. While this is a better known problem and solution, we saw from the Progressive example that the same lack of concern for the security of this closed system can exist on the server side with much greater consequences.

The “100 million lines of code” in your car was repeated over and over with the corresponding stats of vulnerabilities per 100 lines of code. I couldn’t help but think of bloat. Are 100 million lines of code necessary? With the additional functionality being planned, are we looking at 500 million lines of code in the 2020 models? This is not an informed opinion, just an observation.

The auto industry discussion of safety is very different from the safety integrated systems (SIS) we see in a typical ICS. Safety in the auto sector appears to be a control system feature that increases passenger and vehicle safety rather than an independent system deployed to prevent catastrophes. They are also focused on mapping their safety techniques to security or finding some way to integrate them. Unfortunately ISA99/IEC 62443 found this to be difficult, and to date impossible, due to the fact that security has to deal with an attacker rather than a statistical model.

The key management for some of the component-to-component authentication in an auto will be an interesting and important challenge. The auto sector should be bringing in crypto and protocol experts to do this. Relying on extremely smart auto talent reading NIST and other documents could lead to a big failure. I’m far removed from my cryptanalyst and banking security standards days, but I do remember that crypto and security protocol work is hard.

If you are in or near Tokyo, you should put escar Asia on your conference list. It’s a strong event.


About Us

Digital Bond was founded in 1998 and performed our first control system security assessment in the year 2000. Over the last sixteen years we have helped many asset owners and vendors improve the security and reliability of their ICS, and our S4 events are an opportunity for technical experts and thought leaders to connect and move the ICS community forward.